LAST MODIFIED: February 13, 2026

This Privacy Policy establishes an enforceable legal contract between you (referred to as the “User,” “You,” “Your,” or “Data Principal”) and NewsTides, our digital news platform (known as the “Company,” “we,” “us,” “our,” or “Platform”). Our registered office is located at BPTP Amstoria, Sector-102, Gurugram, Haryana 122006, India.

This Policy governs the collection, processing, storage, usage, disclosure, transfer, and protection of Your personal data and digital personal data (collectively, “Personal Data”) in connection with Your access to and use of the website https://www.newstides.com (the “Website”) and all associated services, features, content, and applications (collectively, the “Services”).

This Policy adheres fully to the DPDP Act (Act No. 22 of 2023) (Digital Personal Data Protection Act, 2023), alongside the Information Technology Act, 2000 (“IT Act”), the Information Technology Rule 2011 (SPDI Rules) (Security Practices and Procedures) and (Personal Data / Information), and relevant Indian privacy regulations.

1. DEFINITIONS AND INTERPRETATION

1.1 Definitions

This Policy defines key terms below, with meanings applied as stated unless the surrounding context indicates differently:

“Consent” refers to the Data Principal’s voluntary, targeted, informed, and explicit expression of intent, evidenced by a distinct positive act approving the handling of their Personal Data, per Section 2(4) of the DPDP Act.
“Data Fiduciary” is any individual or entity who, independently or jointly, decides the objectives and methods for processing Personal Data, as outlined in Section 2(6) of the DPDP Act. NewsTides serves in this role for purposes of this Policy.
“Data Principal” means the individual to whom the Personal Data relates, as defined under Section 2(8) of the DPDP Act.
“Data Processor” denotes any entity that handles Personal Data at the direction of a Data Fiduciary, according to Section 2(9) of the DPDP Act.
“Digital Personal Data” means Personal Data in digital form, including data digitized from physical records, as defined under Section 2(11) of the DPDP Act.
“Grievance Officer” means the officer designated by the Company to address grievances and complaints relating to Personal Data processing.
“Personal Data” means any data about an individual who is identifiable by or in relation to such data, including but not limited to name, email address, telephone number, IP address, device identifiers, location data, and any other information that can directly or indirectly identify an individual.
“Processing” covers every operation or sequence of operations conducted on Personal Data, whether automated or manual, including collection, recording, organization, structuring, storage, adaptation, retrieval, use, disclosure, dissemination, erasure, or destruction.
“Sensitive Personal Data or Information” (SPDI) means such Personal Data as may be classified as sensitive under the SPDI Rules, including passwords, financial information, health data, sexual orientation, biometric information, and any other categories notified by the Central Government.

1.2 Interpretation

In this Policy:

References to statutory provisions include amendments, replacements, or re-enactments of those provisions.
Section headings serve only for ease of reference and hold no interpretive weight.
Singular terms encompass their plural forms, and plural terms include singular ones.
References to “including” shall mean “including without limitation.”

2. DATA FIDUCIARY INFORMATION AND GRIEVANCE REDRESSAL

2.1 Data Fiduciary Details

NewsTides operates as the Data Fiduciary for all Personal Data processed through the Services. Our registered office and contact details are:

NewsTides
BPTP Amstoria, Sector-102
Gurugram, Haryana 122006
India
Email: support@newstides.com

2.2 Escalation Mechanism

If you are dissatisfied with the resolution provided by the Grievance Officer, you may escalate your complaint to the Data Protection Board of India, created under Section 18 of the DPDP Act, or approach the appropriate judicial forum in accordance with Section 12 hereof.

3. SCOPE AND APPLICABILITY OF THIS POLICY

3.1 Territorial Scope

This Policy applies to:

(a) All Users accessing the Website or Services from within the territory of India;

(b) All Users accessing the Website or Services from outside India, where such access involves the processing of Digital Personal Data in India or in connection with any business activity in India;

(c) All processing activities undertaken by the Company in its capacity as Data Fiduciary, regardless of the geographic location of the User.

3.2 Material Scope

This Policy governs:

(a) All Personal Data collected through the Website, including through forms, cookies, server logs, and third-party integrations;

(b) All Personal Data voluntarily submitted by Users through newsletters, contact forms, comment sections, or other interactive features;

3.3 Exclusions

This Policy does not apply to:

(a) Information that has been anonymized or aggregated such that it can no longer identify an individual;

(b) Third-party websites or services accessed through hyperlinks on our Website, which are governed by their respective privacy policies;

4. CATEGORIES OF PERSONAL DATA COLLECTED

Our Company gathers and manages these specific types of Personal Data:

4.1 Identity and Contact Data

Full name
Email address
Telephone number (where voluntarily provided)
Correspondence address (where voluntarily provided)
Social media identifiers (if you choose to interact via social platforms)

4.2 Technical and Device Data

Internet Protocol (IP) address
Browser type and version
Operating system and device type
Device identifiers (including Mobile Advertising ID, Android ID, IDFA)
Screen resolution and display settings
Time zone and language settings
Referring/exit pages and URLs
Date and time stamps of access

4.3 Usage and Behavioral Data

Pages viewed and content accessed
Articles read and categories of interest.
Time spent on pages
Click patterns and navigation paths.
Search queries entered on the Website.
Interaction with advertisements and embedded content
Frequency of visits and session duration

4.4 Communication Data

Content of messages sent through contact forms
Feedback, comments, and User-generated content
Newsletter subscription preferences
Communication history with our support team

4.5 Location Data

Approximate geographic location derived from IP address
Country, state, and city-level location (non-precise)

4.6 Cookie and Tracking Data

Data collected through cookies, web beacons, pixel tags, and similar tracking technologies (detailed in Section 8 below).

4.7 Data We Do Not Collect

The Company expressly confirms that it does NOT collect, process, or store:

Sensitive Personal Data or Information (SPDI) as defined under the SPDI Rules, including financial information, credit/debit card details, payment instrument information, biometric data, health records, sexual orientation, or passwords in unencrypted form;
Government-issued identification numbers such as Aadhaar, PAN, Passport, or Driver’s License numbers;
Information relating to children below the age of 18 years without verifiable parental consent as required under Section 9 of the DPDP Act.

5. METHODS AND SOURCES OF DATA COLLECTION

Personal Data is collected through the following lawful methods:

5.1 Direct Collection

Data You voluntarily provide when You:

(a) Subscribe to our newsletters or email alerts;
(b) Complete contact forms or inquiry forms;
(c) Register for an account (if applicable);
(d) Participate in surveys, polls, or contests;
(e) Submit User content, comments, or feedback;
(f) Communicate with us via email or other channels.

5.2 Automated Collection

Data automatically collected through technological means:

(a) Server logs that record standard information transmitted by your browser;
(b) Cookies, web beacons, and similar tracking technologies;
(c) Analytics platforms such as Google Analytics, which collect Usage and Technical Data;
(d) Content Delivery Networks (CDNs) that cache and serve content.

5.3 Third-Party Sources

In limited circumstances, we may receive Personal Data from:

(a) Social media platforms, if you choose to interact with our content or use social login features;
(b) Advertising networks and analytics partners who provide aggregated insights;
(c) Publicly available sources for verification or fraud prevention purposes.

All data collection methods comply with the principle of “lawful and fair” processing under Section 4(1) of the DPDP Act.

6. PURPOSES AND LEGAL BASES FOR PROCESSING

6.1 Purposes of Processing

The Company processes Your Personal Data for the following specified, explicit, and legitimate purposes:

(a) Provision of Services

To deliver news content, articles, and information services
To enable access to different sections and features of the Website
To personalize content based on your interests and reading patterns
To maintain the functionality and performance of the Website

(b) Communication and Engagement

To send newsletters, news alerts, and editorial updates (with your consent)
To address your questions, feedback, and assistance needs
To notify you of changes to our Services or policies.
To send administrative communications necessary for the Services

(c) Analytics and Improvement

To examine user patterns and interests, enhancing content standards
To conduct statistical analysis and research on audience demographics
To test new features and optimise website performance
To generate aggregated, anonymized reports on Website traffic and engagement

(d) Security and Fraud Prevention

To identify, block, and counter security risks and fraud attempts.
To verify the user identity and prevent unauthorized access
To protect the integrity of the Website and our systems
To investigate violations of our Terms and Conditions

(e) Legal Compliance and Enforcement

To meet relevant laws, rules, and judicial requirements.
To fulfil valid demands from public authorities
To uphold our rights and protect from litigation claims
To maintain records as required under Indian law

(f) Marketing and Advertising (with explicit consent)

To deliver marketing messages on our Services or affiliates (with opt-out option)
To show targeted ads matching your preferences
To measure advertising effectiveness and campaign performance

6.2 Legal Bases for Processing

All processing activities are grounded in one or more of the following legal bases under the DPDP Act and IT Act:

(a) Consent (Section 6, DPDP Act)
Processing relies on your voluntary, precise, aware, and clear consent, secured via:

Affirmative action (e.g., ticking a checkbox, clicking “Subscribe”)
Clear and plain language explaining the purposes
Option to retract consent anytime, free from negative impact

(b) Legitimate Uses (Section 7, DPDP Act)
Processing necessary for:

Executing an agreement with you or preparing as per your request
Fulfilling the statutory duties required of the Company
Handling medical crises posing risks to life or well-being
Employment-related purposes (for staff data only)
Reasonable purposes as may be notified by the Central Government

(c) Necessity for Service Delivery
Processing is essential to provide the Services you have requested and to maintain the basic functionality of the Website.

(d) Legal Obligation
Processing required to comply with statutory obligations under Indian law, including tax laws, court orders, and regulatory directives.

6.3 Purpose Limitation

Personal Data shall be processed only for the purposes specified at the time of collection or for purposes compatible with those purposes. Any repurposing of data shall require fresh consent or notification as mandated by law.

7. Sharing and Transfer of Personal Data

7.1 General Principle of Confidentiality

The Company treats all Personal Data as confidential and does not sell, rent, trade, or otherwise monetize Your Personal Data to third parties for their independent marketing or commercial purposes.

7.2 Permitted Disclosures

Personal Data may be disclosed or shared only in the following limited circumstances:

(a) Data Processors and Service Providers

We engage third-party Data Processors who perform services on our behalf under strict contractual obligations:

Web Hosting Providers: For server infrastructure and data storage
Email Service Providers: For newsletter distribution and transactional emails (e.g., SendGrid, Mailchimp)
Analytics Platforms: For traffic analysis and User behavior insights (e.g., Google Analytics)
Content Delivery Networks (CDNs): For efficient content distribution
Customer Support Tools: For managing User inquiries and support tickets
Security Services: For threat detection, DDoS protection, and firewall services

All Data Processors are bound by written Data Processing Agreements (DPAs) that:

Limit processing to our documented instructions
Impose confidentiality obligations
Implement appropriate security measures.
Prohibit sub-processing without prior authorization.
Require deletion or return of data upon termination.

(b) Legal and Regulatory Authorities

Disclosure to government authorities, law enforcement agencies, courts, tribunals, or regulatory bodies when:

Required by law, statute, rule, or regulation
Necessary to comply with a legal process, court order, or subpoena
Needed to probe, avert, or address unlawful conduct.
Essential to safeguard the Company’s, users’, or public’s rights, assets, or security
Mandated under the IT Act, DPDP Act, or other applicable legislation

(c) Business Transfers

During mergers, takeovers, restructurings, asset transfers, or insolvency proceedings:

Personal Data may be transferred to the successor entity.
Users receive alerts on such transfers through email or clear website postings.
The successor entity will be bound by this Policy or required to adopt an equivalent policy.

(d) Consent-Based Sharing

Where you have provided explicit, informed consent for specific sharing purposes not otherwise covered in this Policy.

7.3 Cross-Border Data Transfers

(a) General Position

As our primary operations and servers are located in India, Personal Data is primarily processed and stored within Indian territory. However, certain Data Processors may be located in jurisdictions outside India.

(b) Safeguards for International Transfers

Where Personal Data is transferred to countries outside India, we ensure:

Transfers are made only to countries that the Central Government has notified as having adequate data protection standards under Section 16 of the DPDP Act.
Where the destination country lacks adequate protections, we implement appropriate safeguards such as:
- Standard Contractual Clauses (SCCs) approved by competent authorities
- Binding Corporate Rules for intra-group transfers
- Explicit consent from the Data Principal for specific transfers
- Contractual commitments ensuring equivalent protection standards.

(c) Data Localization

Critical Personal Data, if designated by the Central Government under Section 16 of the DPDP Act, shall be processed only within the territory of India and shall not be transferred outside India without explicit approval.

7.4 Prohibition on Sale

The Company categorically confirms that it does NOT sell Personal Data to any third party for monetary or other valuable consideration.

8. COOKIES AND TRACKING TECHNOLOGIES

8.1 What Are Cookies?

Websites commonly deploy cookies, tiny text files saved to your device to streamline operations, share analytics with site operators, and elevate user satisfaction.

8.2 Types of Cookies Used

This site employs these cookie types:

(a) Strictly Necessary Cookies

Essential cookies enable core site operations and cannot be disabled without major performance disruptions.

They include:

Session management cookies
Security and authentication cookies
Load balancing cookies
Accessibility preference cookies

Legal Basis: Legitimate interest in providing functional Services.

(b) Performance and Analytics Cookies

These cookies gather details on user interactions with the site:

Pages visited and time spent.
Links clicked and navigation paths.
Error messages encountered
Device and browser information

Tools Used: Google Analytics, internal analytics systems.

Legal Basis: Consent (obtained via cookie banner).

(c) Functional Cookies

These cookies remember your choices and preferences:

Language preferences
Region or location settings
Content display preferences

Legal Basis: Consent or legitimate interest in enhancing the user experience.

(d) Targeting and Advertising Cookies

These cookies track your browsing across websites to display relevant advertisements:

User interest profiles
Ad impression tracking
Conversion tracking

Legal Basis: Explicit consent (obtained via cookie banner with opt-in mechanism).

8.3 Third-Party Cookies

The Website may contain embedded content from third parties (e.g., YouTube videos, social media share buttons), which may set their own cookies. We do not control these third-party cookies, which are controlled by the relevant third party’s privacy rules.

8.4 Cookie Management and Consent

(a) On initial access, a banner appears for consenting to or declining non-essential cookies.

(b) You may manage cookie preferences at any time through:

The cookie management tool is accessible via [Website footer link]
Your browser settings (instructions available at www.aboutcookies.org)

(c) Disabling certain cookies may impair Website functionality.

(d) Consent for non-essential cookies may be withdrawn at any time without affecting lawful processing based on consent before withdrawal.

8.5 Duration of Cookies

Session Cookies: End upon browser closure
Persistent Cookies: Persist on your device for a set duration or until you remove them manually

Maximum retention: 24 months for analytics cookies; 12 months for advertising cookies.

9. DATA RETENTION AND DELETION

9.1 Retention Principles

Personal Data shall be retained only for as long as necessary to fulfil the purposes for which it was collected or as required by law. Our retention practices comply with Section 8 of the DPDP Act.

9.2 Specific Retention Periods

Newsletter Subscription Data	Until unsubscribe + 6 months	Marketing consent record-keeping
Contact Form Inquiries	12 months from last communication	Customer service and dispute resolution
Website Analytics Data	24 months	Business intelligence and improvement
Server Logs (IP addresses)	90 days	Security, fraud detection, legal compliance
Account Data (if applicable)	Account lifetime + 12 months	Contractual and legal obligations
Financial Records (if applicable)	7 years	Income Tax Act, 1961
Legal Correspondence	Duration of matter + 7 years	Limitation Act, 1963

9.3 Secure Deletion

Upon expiry of the retention period or upon receiving a valid erasure request:

(a) Personal Data is permanently deleted using secure deletion protocols.
(b) Data stored on backup systems is deleted during the next backup cycle.
(c) Physical media containing Personal Data is destroyed per industry standards;
(d) Data held by Data Processors is instructed to be deleted or returned.

9.4 Exceptions to Deletion

Data may be retained beyond standard periods where:

Required by law or court order;
Required for initiating, pursuing, or protecting against legal disputes;
With your explicit consent for extended retention;
Converted to an anonymised or aggregated form that no longer identifies You.

9.5 Archival

Where data must be retained for legal compliance but is no longer actively used, it is moved to secure archival storage with restricted access.

10. RIGHTS OF DATA PRINCIPALS

10.1 Overview

Under the DPDP Act, you have certain statutory rights regarding Your Personal Data. These rights are exercisable subject to applicable exemptions and limitations prescribed by law.

10.2 Right to Access (Section 11(2)(a), DPDP Act)

You have the right to obtain from us:

Confirmation of whether Personal Data concerning you is being processed;
A summary of Personal Data being processed and the purposes thereof;
Identities of Data Processors with whom data has been shared;
Details of any cross-border transfers.

10.3 Right to Correction (Section 11(2)(b), DPDP Act)

You may request correction of:

Inaccurate Personal Data;
Incomplete Personal Data by providing supplementary information.

We shall verify the accuracy before making corrections.

10.4 Right to Erasure (Section 11(2)(c), DPDP Act)

You may request deletion of Your Personal Data where:

It is no longer necessary for the purposes for which it was collected.
You withdraw consent, and there is no other legal ground for processing;
You oppose the processing, with no superior legitimate reasons prevailing.
Data has been unlawfully processed.
Deletion is required for legal compliance.

Exceptions: We may refuse to erase where retention is necessary for legal compliance, the establishment or defence of legal claims, or archiving in the public interest.

10.5 Right to Data Portability (Section 11(2)(d), DPDP Act)

When consent grounds the processing via automated methods, you can seek:

Receipt of Your Personal Data in a structured, commonly used, machine-readable format (e.g., CSV, JSON);
Transmission of such data to another Data Fiduciary, where technically feasible.

10.6 Right to Withdraw Consent (Section 6, DPDP Act)

If consent supports processing, you can revoke it anytime through:

Clicking “unsubscribe” in marketing emails;
Contacting our Grievance Officer at support@newstides.com;
Adjusting cookie preferences.

Revocation won’t invalidate prior lawful processing.

10.7 Right of Grievance Redressal (Section 6, DPDP Act)

You may lodge a complaint with our Grievance Officer regarding any breach of this Policy or the DPDP Act. If unresolved, you may escalate to the Data Protection Board of India.

10.8 Right to Nominate (Section 11(3), DPDP Act)

You may nominate another individual who may exercise your rights in the event of your death or incapacity. Submit nomination requests to support@newstides.com.

10.9 Exercising Your Rights

To exercise any of these rights:

(a) Submit a written request to support@newstides.com with the subject line “Data Principal Rights Request”;
(b) Include your full name, email address, and nature of request;
(c) Provide proof of identity (e.g., government-issued ID redacting sensitive details);
(d) Specify the Personal Data to which Your request relates.

Response Time: We shall respond within 30 days of receiving a valid request. If the request is complex or voluminous, we may extend the period by an additional 30 days with prior notice.

Fees: Requests are generally free. That said, we might apply a fair processing charge for manifestly unfounded, excessive, or repetitive requests.

10.10 Limitations on Rights

Rights may be restricted where necessary for:

National security or public order;
Prevention, detection, investigation, or prosecution of offenses;
Legal or judicial proceedings;
Protection of the rights and freedoms of others.

11. SECURITY MEASURES AND DATA PROTECTION

11.1 Security Commitment

The Company is committed to ensuring the security, integrity, and confidentiality of Personal Data. We adopt appropriate security measures mandated by Rule 8 of the SPDI Rules and international standards such as ISO/IEC 27001:2013.

11.2 Technical Safeguards

(a) Encryption

Transmitted data employs Transport Layer Security (TLS) 1.3 or above for encryption.
Stored sensitive data receives AES-256 encryption.

(b) Access Controls

Role-based access control (RBAC) limits employee access on a need-to-know basis.
Multi-factor authentication (MFA) for administrative access;
Regular review and revocation of access privileges.

(c) Network Security

Firewalls, intrusion detection (IDS), and prevention (IPS) systems;
DDoS mitigation and rate limiting;
Secure network architecture with segregated environments.

(d) Vulnerability Management

Routine security reviews and ethical hacking tests from external specialists;
Vulnerability scanning and patch management protocols;
Security code reviews and secure development practices.

11.3 Organizational Safeguards

(a) Employee Training

Mandatory data protection and cybersecurity training for all personnel;
Confidentiality agreements are binding on all employees and contractors.

(b) Incident Response

Documented incident response plan for data breaches.
24/7 security monitoring and alerting systems.

(c) Third-Party Management

Due diligence and security assessments of Data Processors;
Contractual obligations requiring equivalent security standards.

11.4 Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms:

(a) We shall notify the Indian Computer Emergency Response Team (CERT-In) within 6 hours of becoming aware, as required under IT Rules 2021.

(b) Affected Data Principals shall be notified within 72 hours via email or prominent notice on the Website, including:

Nature of the breach and categories of data affected;
Likely consequences and measures taken or proposed;
Contact details of the Grievance Officer;
Recommendations for mitigating harm.

(c) Documentation of all breaches shall be maintained for review by regulatory authorities.

11.5 Limitations

We use strong safeguards, yet no online system offers perfect protection against breaches. Internet-transmitted data carries unavoidable risks, which you recognize by using our services.

12. CHILDREN’S PRIVACY

12.1 Age Restriction

The Services are not directed at, marketed to, or intended for use by individuals below the age of 18 years (“Children” or “Minors”).

12.2 Compliance with DPDP Act

In accordance with Section 9 of the DPDP Act, the processing of Personal Data of Children requires verifiable consent from a parent or lawful guardian. We do not knowingly collect, process, or solicit Personal Data from Children without such consent.

12.3 Verification Mechanisms

Where we have reason to believe a User may be a Child, we implement age-gating mechanisms or require parental consent verification before permitting access to certain features.

12.4 Discovery and Deletion

If we become aware that we have inadvertently collected Personal Data from a Child without proper parental consent:

(a) We shall delete such data as soon as reasonably practicable;
(b) We shall not use or disclose such data for any purpose;
(c) We shall notify the parent or guardian where their contact information is available.

12.5 Parental Rights

Parents or legal guardians may:

Review the Personal Data collected from their child.
Request correction or deletion of such data;
Refuse further collection or use of the child’s data;
Withdraw previously given consent.

Contact for Parental Concerns: support@newstides.com with subject line “Children’s Privacy Concern.”

13. CHANGES AND UPDATES TO THIS POLICY

13.1 Right to Modify

The Company reserves the right to amend, modify, update, or replace this Policy at any time to reflect:

Changes in legal or regulatory requirements;
Changes in our data processing practices;
Technological developments;
Business operational needs.

13.2 Notification of Material Changes

For material changes that affect your rights or our processing activities:

(a) We shall provide advance notice via:

Prominent notice on the Website homepage;
Email notification to registered Users.
In-app notifications (where applicable).

(b) The revised Policy shall specify the effective date of changes.

13.3 Continued Use as Acceptance

Ongoing use of our Services after changes take effect signals your approval of the updated Policy. Disagreement requires stopping Service access.

13.4 Version History

Past Policy versions are stored for review and can be requested via support@newstides.com. This promotes openness and supports compliance audits.

13.5 Policy Review

This Policy is reviewed annually or as necessitated by legal developments to ensure ongoing compliance and best practices.

14. COMPLIANCE WITH INDIAN DATA PROTECTION LAWS

14.1 DPDP Act, 2023 Compliance

This Policy and our data processing practices are designed to comply with:

Chapter II: Obligations of Data Fiduciary
Chapter III: Duties and Rights of Data Principal
Chapter IV: Obligations of Significant Data Fiduciary (if designated)
All Rules and Regulations notified thereunder.

14.2 IT Act, 2000 and Rules Compliance

We adhere to:

Section 43A: (Compensation for failure to secure sensitive personal data)
Section 72A: (Penalty for breaching contract by disclosing confidential information)
SPDI Rules, 2011
IT: (Digital Media Ethics Code and Intermediary Guidelines) Rules, 2021
IT: (CERT-In Rules: Functions and Duties of the Indian Computer Emergency Response Team) Rules, 2013

14.3 Other Applicable Laws

Our practices also consider:

Indian Contract Act, 1872
Consumer Protection Act, 2019
Telecom Regulatory Authority of India (TRAI) regulations
MeitY-Issued Guidelines on Electronics and IT

14.4 Regulatory Cooperation

We commit to full cooperation with competent regulatory authorities, including:

Data Protection Board of India
Ministry of Electronics and Information Technology
CERT-In
Cyber Crime Cells

14.5 Designation as Significant Data Fiduciary

Should the Company be designated as a “Significant Data Fiduciary” under Section 10 of the DPDP Act, we shall comply with additional obligations, including:

Appointment of Data Protection Officer (DPO) and Independent Data Auditor for Significant Data Fiduciaries;
Conducting Data Protection Impact Assessments (DPIAs);
Periodic audits and compliance reporting;
Enhanced transparency and accountability measures.

15. INTERNATIONAL USER CONSIDERATIONS

15.1 Users from the European Economic Area (EEA) and the United Kingdom

While this Policy is primarily governed by Indian law, we recognize certain rights under the General Data Protection Regulation (GDPR) for EEA/UK residents:

Legal bases for processing align with GDPR Article 6 principles;
Rights to access, rectification, erasure, restriction, portability, and objection are honoured;
Users hold the right to lodge complaints with data protection authorities.

15.2 Users from Other Jurisdictions

Users accessing the Services from jurisdictions outside India do so at their own initiative and are responsible for compliance with local laws. Where conflicts arise between this Policy and local laws, local mandatory laws shall prevail to the extent of such conflict.

15.3 Data Transfers

Per Section 7.3, cross-border data transfers require appropriate safeguards and compliance with transfer rules under Indian and foreign laws.

16. GOVERNING LAW AND DISPUTE RESOLUTION

16.1 Governing Law

This Policy and associated disputes are governed exclusively by Indian substantive laws.

16.2 Jurisdiction

Subject to the arbitration provisions below, the courts at Gurugram, Haryana, India shall have exclusive jurisdiction over any disputes arising under this Policy.

16.3 Arbitration

Disputes, claims, or controversies from this Policy, including breaches, termination, or invalidity, shall be resolved via arbitration under:

The Arbitration and Conciliation Act, 1996;
Seat of arbitration: Gurugram, Haryana, India;
Language: English;
Number of arbitrators: One (1) appointed by mutual agreement or by the Chairperson of the Indian Council of Arbitration;
Arbitration awards bind all parties as final decisions.

16.4 Limitation Period

Legal actions under this Policy must commence within 1 year of the cause of action arising, or within the period prescribed by the Limitation Act, 1963, whichever ends sooner.

16.5 Severability

Invalid, illegal, or unenforceable provisions are severed; remaining terms stay fully effective.

17. CONTACT INFORMATION AND GRIEVANCE REDRESSAL

17.1 General Inquiries

NewsTides
BPTP Amstoria, Sector-102
Gurugram, Haryana 122006, India
Email: support@newstides.com
Working Hours: Monday to Saturday, 10:00 AM to 7:00 PM (GMT+5:30)

17.2 Response Timeline

Acknowledgment of inquiry/complaint: Within 24 hours
Resolution or substantive response: Within 30 days (may be extended by 30 days for complex matters with notice)

17.3 Escalation

Unresolved grievances may be escalated to:

Data Protection Board of India (once constituted under the DPDP Act)
Cyber Crime Cells (for criminal matters)
Consumer Forums (for consumer protection matters)

18. ACKNOWLEDGMENT AND CONSENT

Accessing or using Services means you acknowledge:

(a) You have read, understood, and agree to be bound by this Privacy Policy;

(b) You consent to the collection, processing, storage, use, disclosure, and transfer of Your Personal Data as described herein;

(d) You understand the purposes for which Your Personal Data will be processed;

(e) You have the capacity to provide valid consent under applicable law;

(f) For consent-based processing, you may withdraw consent at any time in accordance with Section 10.6 above.

(g) This Policy forms an integral part of the Terms and Conditions governing Your use of the Services.

Privacy Policy